when opening the service.com, browser will fail with the error message “Unable to connect” and also the URL in the browser URL bar will be changed automatically to “service.com:8443/login”. In order to make it successful request, I have to manually delete the port 8443 to make it “Frontline Digital Automation - ROO.AI” and it will work.
Please don’t use service.com as an example domain if you don’t own it. Instead, use example.com.
Or better, don’t omit your domain. Domains aren’t secret, and certificate transparency logs list all domains that have had a certificate issued to them.
Omitting your domain just makes it harder for us to help, because we can’t do our own set of checks against it to see what’s going on.
That said, see the docs for how to proxy to HTTPS services:
Doing this, the service should know the original Host header, so it should be able to reuse that when triggering redirects.
Thank you very much for your reply
The domains are named for our internal usage, it may make some team members uncomfortable to see real names, I will make sure to avoid service[dot]com and use example.com
I have tried putting the header up option but still the same problem persists and 302 redirect is sent from the up stream with custom port.
In that case, you’ll need to adjust your upstream app to read Host or X-Forwarded-Host and use that to construct the URLs for redirect.
It is possible to work around it in Caddy by performing a header regexp replacement, but that’s just a band-aid. The proper solution is to fix it at the source of the problem.